Openvpn config question

Hello all,

I'm a long-time user of OpenWrt, and am struggling with an OpenVPN config.

Basically, what I want to achieve is this:

  • LAN wireless SSID -> goes to WAN
  • VPN wireless SSID -> goes to VPN

I now have the VPN tunnel working (Cyberghost) as stated in syslog, I have the tun0 interface on, all OK, and I've followed every guide out there.
Basically, it works OK, and my IP is indeed anonymised.

But the issue is, ALL of my WAN traffic is going through VPN. LAN and VPN SSID. I really don't understand why.
How can I segregate traffic between WAN and VPN?
Why are WAN/WAN6 and TUN0 security zones the same? They shouldn't, right?

Are you using VLAN tagging?

Yes, if the VPN tunnel is in the wan firewall zone, there's no way to distinguish between forwarding to wan and forwarding to vpn.

So make a new firewall zone for the vpn tunnel and have two forward rules:
lan->wan
vpnuser->vpn

vpnuser is the network and firewall zone with the VPN users connected by wifi. This is set up like a guest network.

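The zone layout from the reply above, written out as an OpenWrt firewall config fragment. This is an added example, not a configuration posted in the thread; it assumes the tunnel device is tun0 (as in the first post), that a network named vpnuser already exists for the VPN SSID, and the rule names are made up for illustration.

```uci
# /etc/config/firewall (fragment). The stock lan and wan zones stay as they are,
# except that the tunnel device must no longer be listed in the wan zone.

# The tunnel gets its own zone instead of sharing 'wan'.
config zone
	option name 'vpn'
	list device 'tun0'            # assumed tunnel device name
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option masq '1'
	option mtu_fix '1'

# Wi-Fi clients that should use the tunnel, set up like a guest network.
config zone
	option name 'vpnuser'
	list network 'vpnuser'        # assumed network name for the VPN SSID
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'

# With input rejected, the clients still need DNS and DHCP from the router.
config rule
	option name 'Allow-DNS-vpnuser'
	option src 'vpnuser'
	option proto 'tcp udp'
	option dest_port '53'
	option target 'ACCEPT'

config rule
	option name 'Allow-DHCP-vpnuser'
	option src 'vpnuser'
	option proto 'udp'
	option dest_port '67'
	option target 'ACCEPT'

# The two forward rules from the reply: lan->wan and vpnuser->vpn.
config forwarding
	option src 'lan'
	option dest 'wan'

config forwarding
	option src 'vpnuser'
	option dest 'vpn'
```

Zones only decide which forwarding is permitted; the uplink a packet actually takes is still chosen by the routing table, which this fragment does not change.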

No, I don't.

I've been following the guides, so yes, they are in the same zone.

This is exactly what I'm trying to do! I have a guest wifi, a LAN wifi, and a VPN wifi, each with a /24 network address. I just can't figure out how to direct the VPN one (only) into the OpenVPN tunnel.

The VPN provider seems to have good performance, but for gaming, there is no point going to them.

Vpn client on seperate wifi network, no vpn on the other - #6 by vgaetera

Thanks a lot!

I got it working now. LAN and guest traffic are now going to WAN, direct, while VPN WIFI interface is going to the VPN tunnel.
Again, thanks! Much appreciated.

It actually can be done via LuCI only, and works well.
